Just like making personal New Year resolutions such as better healthcare and weight loss, it is also important to make good resolutions for your business. Cyber attacks have been on the rise in recent years. The year 2017 too made several headlines on data breaches including those of WannaCry and Equifax. As more and more businesses are now relying on outsourced solutions to meet their workflow, following standard practices in the firm will help to address the threat of cyber attacks.
Here are a few resolutions that can substantially increase your business’ overall cyber security.
- Maintain an accurate map of information assets – To protect your assets, you should know what assets exist and where they exist. An accurate list is critical to ensure that these assets are adequately protected. So, in 2018 make sure to spend some time on creating or updating your inventory. Also, review existing security protocols, procedures and policies to ensure those assets are protected.
- Consider standard password protection procedures – As traditional passwords are no longer ideal to protect documents, use advanced password protection procedures. While two-step authentication is getting more common, multi-factor authentication is also likely to increase security. Many companies are also using biometrics such as fingerprints, voice recognition and facial scans for identification to be done more widely. You can also choose to use a long, easy-to-remember passphrase.
- Focus on employee cyber security training – Errors are found to be one of the primary sources of data compromises. Training employees on best practices is critical to improve overall security for an organization.
- Prepare for General Data Protection Regulation (GDPR) – The General Data Protection Regulation (GDPR), which will apply from 25 May 2018, requires U.S. companies that handle data belonging to customers living in the European Union (EU) to comply with its requirements for data protection. GDPR implementation could have significant resource implications, especially for larger and more complex organizations. Make sure to find out which parts of the GDPR will have the greatest impact on your business model and emphasize those areas in your planning process.
- Check security and legal compliance in contracts – Vendors as well as business partners having access to company systems and data present risks to information security in any firm. Make sure that your current contracting agreements include appropriate, detailed provisions regarding information security and legal compliance. While choosing business partners or vendors such as data entry companies, ensure they have not had prior breaches and that they will train their own personnel well, and have well-documented security policies. Also, review and update your security policies to ensure they keep pace with these changes.
Regular audits can also help you identify new vulnerabilities and previously known vulnerabilities that have not been mitigated, and reset your security programs.
